CoreStream Solutions

Legal

Privacy Policy

CoreStream Solutions respects your privacy. This policy explains what information we collect, how we use it, and how we protect it.

Last updated: February 24, 2026

1. Introduction

CoreStream Solutions is operated by Time Carve Designs LLC. We are a workflow automation consultancy that builds custom automation systems for service businesses. This Privacy Policy describes how we handle information collected through our website and through the delivery of our services.

2. Information We Collect

The information we collect depends on how you interact with us:

Website Visitors

We collect basic analytics data such as pages visited, browser type, and general location. We do not collect personally identifiable information from casual website visitors unless voluntarily submitted — for example, through our contact form.

Clients

We collect name, email address, business information, and account access provided through OAuth authorization flows. We access client data on third-party platforms (such as Google Sheets, Gmail, Google Drive, and Microsoft Outlook) solely to deliver contracted automation services.

3. How We Use Information

  • To deliver and maintain automation services as agreed upon with clients
  • To communicate with clients about their services
  • To improve our website and services

We do NOT sell, rent, or share personal information with third parties for marketing purposes.

We do NOT use client data for any purpose outside the scope of our service engagement.

4. OAuth and Third-Party Platform Access

Our automation services require authorized access to third-party platforms such as Google Workspace and Microsoft 365. Here is how that access works:

  • We access third-party platforms only through standard OAuth 2.0 authorization flows.
  • We request only the minimum permissions (scopes) necessary to deliver the agreed-upon services.
  • Access tokens are stored securely on our self-hosted automation infrastructure.
  • Clients can revoke our access at any time through their account settings on the respective platform.
  • We do not store client passwords — OAuth allows access without sharing passwords.

5. Data Storage and Security

  • Client data processed through our automation systems is handled in transit and is not permanently stored beyond what is necessary for the automation to function (e.g., logging and error tracking).
  • Our automation infrastructure is self-hosted on secure, managed servers.
  • We implement reasonable security measures to protect data from unauthorized access.

6. Data Retention and Deletion

  • We retain client data only for the duration of the active service engagement.
  • Upon termination of services, OAuth access is revoked and client data in our systems is removed.
  • Clients may request data deletion at any time by contacting us.

7. Cookies

Our website may use basic cookies for site functionality and analytics. We do not use advertising or tracking cookies.

8. Third-Party Services

Our website and services may link to or integrate with third-party platforms. We are not responsible for the privacy practices of those platforms. We encourage users to review the privacy policies of any third-party services they use.

9. Children's Privacy

Our services are designed for businesses and are not directed at individuals under the age of 18. We do not knowingly collect information from children.

10. Changes to This Policy

We may update this policy from time to time. The “Last updated” date at the top of this page will reflect the most recent revision. Continued use of our services after changes are posted constitutes acceptance of the updated policy.

11. Contact

For questions about this privacy policy or our data practices, please use our contact form and select “Privacy question” from the dropdown.

← Back to homeView Terms of Service →